40 matches found
CVE-2022-37459
Ampere Altra devices before 1.08g and Ampere Altra Max devices before 2.05a allow attackers to control the predictions for return addresses and potentially hijack code flow to execute arbitrary code via a side-channel attack, aka a "Retbleed" issue...
CVE-2022-35888
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
EUVD-2022-38761
Malicious code in bioql PyPI...
EUVD-2022-53488
Malicious code in bioql PyPI...
EUVD-2021-32224
Malicious code in bioql PyPI...
EUVD-2022-49672
Malicious code in bioql PyPI...
EUVD-2022-40084
Malicious code in bioql PyPI...
CVE-2022-32295
On Ampere Altra and AltraMax devices before SRP 1.09, the Altra reference design of UEFI accesses allows insecure access to SPI-NOR by the OS/hypervisor component...
CVE-2022-46892
In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex...
CVE-2022-46892
CVE-2022-46892 affects Ampere AltraMax and Ampere Altra before 2.10c; improper access controls could allow the OS to reinitialize a disabled root complex. Impact is rated high (C/H/I/A). Remediation: upgrade to 2.10c or later per Ampere security bulletin; descriptions appear in NVD/Red Hat/CNNVD ...
Ampere Computing Ampere Altra 安全漏洞
Ampere Computing Ampere Altra is an 80-core server processor from Ampere Computing, USA. A security vulnerability exists in Ampere AltraMax versions prior to 2.10c and Ampere Altra versions prior to 2.10c, which stems from incorrect access control and allows the operating system to reinitialize a...
CVE-2022-46892
In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex...
CVE-2022-35888
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
CVE-2022-35888
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
Design/Logic Flaw
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
CVE-2022-35888
Ampere Altra and Ampere Altra Max devices through 2022-07-15 allow attacks via Hertzbleed, which is a power side-channel attack that extracts secret information from the CPU by correlating the power consumption with data being processed on the system...
CVE-2022-35888
CVE-2022-35888 affects Ampere Altra and Ampere Altra Max devices through 2022-07-15. The issue enables Hertzbleed, a power side-channel attack that can extract secret information by correlating CPU power consumption with processed data. The base CVSS vector indicates Network attack vector, low at...
PT-2022-22998 · Ampere · Ampere Altra +1
Name of the Vulnerable Software and Affected Versions: Ampere Altra and Ampere Altra Max devices affected versions not specified Description: The issue allows attacks via Hertzbleed, a power side-channel attack that extracts secret information from the CPU by correlating the power consumption wit...
Ampere Computing Ampere Altra 安全漏洞
Ampere Computing Ampere Altra is an 80-core server processor from Ampere Computing, USA. A security vulnerability exists in Ampere Altra and Ampere Altra Max 2022-7-15 and prior versions, which stems from an attack that allows via Hertzbleed, secret information to be extracted from the CPU by...
CVE-2021-45454
Ampere Altra before SRP 1.08b and Altra Max before SRP 2.05 allow information disclosure of power telemetry via HWmon...